IJSMT Journal

International Journal of Science, Strategic Management and Technology

An international, peer-reviewed, open access scholarly journal indexed in recognized academic databases. DOIs are issued via Crossref. The journal adheres to established scholarly publishing, peer-review, and research ethics guidelines set by the UGC.

ISSN: 3108-1762 (Online)

THREATSCOPE: AN EXPLAINABLE AI-BASED HYBRID THREAT INTELLIGENCE PLATFORM FOR AUTOMATED CYBERSECURITY TRIAGE AND ENTERPRISE SOC AUTOMATION

AUTHORS:
Kaihan Khalid
Mohd Zaid
Mentor: Dr. Sanjeev Kumar
Affiliation: School of Computer Science and Engineering, Galgotias University, Greater Noida 201310, India
CC BY 4.0 License:
This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Abstract
The development of advanced cyber threats and the geometric increase in security warnings have overwhelmed Security Operations Centers (SOCs), leading to alert fatigue, decision paralysis, and delayed threat response. Traditional rule-based systems lack contextual awareness and cannot scale as threats evolve, while deep learning models—though accurate—operate as black boxes unsuitable for high-stakes security environments where decision transparency is critical for compliance and liability. This paper presents ThreatScope, a comprehensive hybrid threat intelligence platform that fuses the semantic embeddings of Sentence-BERT (SBERT) with TF-IDF statistical models through an intelligent voting ensemble, achieving 88% classification accuracy with 86% precision and 87% recall. The platform’s Dynamic Explainability Module (XAI) produces analyst-readable reasoning chains, attaining a 4.6/5 analyst trust rating—markedly superior to single-model baselines (2.9/5 SBERT, 2.3/5 TF-IDF). ThreatScope further implements enterprise-grade Role-Based Access Control (RBAC) with a three-tier permission hierarchy, immutable forensic logging via tamper-evident audit trails, and automated CVSS-based severity scoring. Deployed as a MERN-stack microservices architecture with a Python Flask AI backend and real-time Socket.IO collaboration, the system demonstrates a 57% reduction in Mean Time to Threat Response (MTTR: 210 → 90 minutes), 250% improvement in analyst throughput (6 → 18 threats/analyst/day), and 60% decrease in per-threat analysis cost. Comprehensive benchmarking against baseline models (TF-IDF+Naïve Bayes, SVM, fine-tuned BERT) and commercial solutions (Jira, Splunk, Microsoft Sentinel) validates ThreatScope’s superior automated triage performance while preserving transparency and organizational compliance.
Keywords
Cybersecurity; Explainable Artificial Intelligence (XAI); Threat Intelligence; Automated Triage; Sentence-BERT; Hybrid Ensemble Learning; Natural Language Processing; Security Operations Center Automation; Enterprise Security Architecture
HOW TO CITE

APA: Khalid, K. & Zaid, M. (2026). ThreatScope: An Explainable AI-Based Hybrid Threat Intelligence Platform for Automated Cybersecurity Triage and Enterprise SOC Automation. International Journal of Science, Strategic Management and Technology, 02(6). https://doi.org/10.55041/ijsmt.v2i5.593

MLA: Khalid, Kaihan, and Mohd Zaid. "ThreatScope: An Explainable AI-Based Hybrid Threat Intelligence Platform for Automated Cybersecurity Triage and Enterprise SOC Automation." International Journal of Science, Strategic Management and Technology, vol. 02, no. 6, 2026, pp. . doi:https://doi.org/10.55041/ijsmt.v2i5.593.

Chicago: Khalid, Kaihan, and Mohd Zaid. "ThreatScope: An Explainable AI-Based Hybrid Threat Intelligence Platform for Automated Cybersecurity Triage and Enterprise SOC Automation." International Journal of Science, Strategic Management and Technology 02, no. 6 (2026). https://doi.org/10.55041/ijsmt.v2i5.593.

Ethics and Compliance
This article has undergone plagiarism screening and double-blind peer review. Editorial policies have been followed. Authors retain copyright under CC BY-NC 4.0 license. The research complies with ethical standards and institutional guidelines.